Title: iCOPS: insider attack detection in distributed file systems
Authors: Riddhi Solani; Manik Lal Das
Addresses: DA-IICT Gandhinagar – 382007, India ' DA-IICT Gandhinagar – 382007, India
Abstract: Distributed file system (DFS) has been widely used in many applications. Insider attacks in DFS is a potential target that can cause problems in many applications. A malicious insider or an outsider who controls an insider could compromise application's security by exploiting the target file(s) in the system. In this paper, a scheme, named as iCOPS, is proposed to detect insider attacks in DFSs. The proposed iCOPS scheme consists of two algorithms - Process Profiling and Attack Detection. The Process Profiling runs on datanode and replica nodes that provide output to namenode, whereas, the Attack Detection runs on the namenode to detect an attack that might have triggered by the Process Profiling algorithm. The analysis and experimental results of the proposed iCOPS show notable observations in detection of data alteration by insider attacks.
Keywords: insider attacks; system security; distributed systems; HDFS; data modification; process profiling.
International Journal of Social Computing and Cyber-Physical Systems, 2021 Vol.2 No.3, pp.244 - 255
Received: 27 Nov 2020
Accepted: 28 May 2021
Published online: 05 Oct 2021 *